Most people have poor password management habits. Maybe not you, but somebody in your organisation does, and it poses a serious risk.
The average individual has 10-25 different online accounts. This demonstrates why so many people use the same password over and over again. It’s unrealistic to expect users to remember dozens of unique passwords, hence the re-use of the same password across multiple online accounts.
As our previous article suggested, network security is everybody’s responsibility, and password management falls into this category: 63% of breaches involve weak, default or stolen passwords. This poses a constant threat for organisations and their IT managers, who are tasked with ensuring employee passwords remain strong, are updated regularly and are managed effectively to mitigate the risk of a breach.
Cyber criminals are always going to take the easy route, especially when user credentials are easy to come by. This is no surprise when research suggests that some of the most popular passwords consist of 12345, 123456, 12345678, Password and qwerty. Do you fall into this category?
When creating a password, ensure it is as strong as possible. In other words, make your password random and complex so that it is more difficult to crack. As simple as it sounds, longer and more complex passwords are stronger and harder to crack than shorter ones. A professional hacker can crack an 8-character, single-case password in minutes. Add a number to that password and it can take hours.
Have you ever heard of the term password entropy?
Password entropy is a guide to how much effort is required to crack your password, measured in bits. To calculate it, take the log base 2 of the number of characters in the character set used and multiply it by the number of characters in the password itself. A password with 20 bits of entropy will therefore require 2^20 (1,048,576) attempts to exhaust all possibilities during an attack. This means adding one bit of entropy to a password doubles the number of guesses required, making an attacker’s task twice as difficult.
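The formula only holds when every character is chosen at random; a password from a popular list is guessed from that list, not by exhausting the character set. The following is an added example, not part of the original article: it computes the formula, rejects the popular passwords named earlier whatever they score, and generates a random password for a target entropy. The function names and the 64-bit threshold are assumptions.

```python
import math
import secrets
import string

# Character classes used to infer the pool a password draws from.
POOLS = (string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation)
# The popular passwords named in the article, compared case-insensitively.
COMMON = {"12345", "123456", "12345678", "password", "qwerty"}
MIN_BITS = 64  # assumed policy threshold, not taken from the article


def pool_size(password):
    """Sum the sizes of every character class the password uses."""
    return sum(len(p) for p in POOLS if any(c in p for c in password))


def entropy_bits(password):
    """log2(character-set size) * length, as described above."""
    size = pool_size(password)
    return math.log2(size) * len(password) if size else 0.0


def assess(password):
    """Return (bits, acceptable). A listed password fails regardless of bits."""
    bits = entropy_bits(password)
    if password.lower() in COMMON:
        return bits, False
    return bits, bits >= MIN_BITS


def generate(target_bits, alphabet=string.ascii_letters + string.digits):
    """Pick characters uniformly with a CSPRNG until target_bits is reached."""
    length = math.ceil(target_bits / math.log2(len(alphabet)))
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    for pw in ("12345678", "Password", "qwerty", generate(80)):
        bits, ok = assess(pw)
        print(f"{pw!r:20} {bits:6.1f} bits  acceptable={ok}")
```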
With multiple online accounts and passwords, how can you protect and remember all of them?
Password managers are software tools designed to store individual passwords, protected by one master password as the key. This gives users the luxury of only having to remember one password, whilst creating high-entropy passwords for their multiple online accounts to prevent any attacks. However, like any software, password managers may have bugs and security vulnerabilities. We therefore encourage users to research their chosen password manager further and read reviews of its security history.
At 5G Networks, we provide our employees and clients with access to My Glue, giving users secure access to Wi-Fi, email and company application passwords anytime, anywhere. My Glue is a secure and easy to use password vault, providing users with transparency and collaboration, whilst removing the risk of poor password management.